let's say I visit some dedicated website www.mysite.com, that placed a cookie in my browser.
later, I want to use that cookie from within some app that opens a webview to the same website, so I can somehow correlate the activity that he user had done via the browser, and the activity he is now doing from within the native app's WebView.
Is it possible to share cookies like that?
Is it possible to share cookies like that?
No, for blindingly obvious privacy and security reasons.
Now with OkHttpClient, you can send a request to a browser and access its cookies
Related
I working on a mobile app that has some functionality that is not implemented natively but only on an external website. The user is logged in into the app, but when opening the external links (both in a webview and in the external browser) it has to log in again to access the functionality.
Is there any way to authenticate the user in the browser too without compromising security and/or user experience?
Any experience / best practice to share?
If you're using something like a REST API to log in then it may be returning something like a session token in the response cookies so that subsequent requests to the API will know which user they refer to. For that case you would need to copy the API cookies into the URL request for the web view or into the web view's cookie store before making the request, as I recall.
I have open my phone's default browser and open http://stackoverflow.com url. I have perform proper login steps there and I am easily be able to view my profile in default browser.
Now, I have created an Webview application which loads "http://stackoverflow.com" url but in my Webview but it is not showing me as logged in mode. Obviously it is not fetching cache details from default browser.
Now my question is, How can I fetch my login details in Webview ?
How can I fetch my login details in Webview ?
In general, you don't. You do not have rights to steal information from other apps, any more than they have the right to steal information from yours.
If, however, you "perform proper login steps" inside of the WebView, you will be logged in within that WebView.
If your end objective is to use the StackExchange API, you should be able to use their OAuth 2.0 authentication system.
I need to access the Gmail web interface from within a WebView in my Activity. For obvious security/trust reasons, I'd like to avoid asking the user for his Gmail credentials and storing them somewhere, but rather use something like OAuth to be granted access to Gmail. From what I've found, OAuth is only implemented for IMAP and SMTP-access to the Gmail-Account, correct?
Would using webView.getSettings().setSavePassword(true); and letting the user sign in the first time he/she uses the app work? How would I automatically submit the saved details on subsequent app-launches?
Thanks,
Nick
You have to regard your WebView as a browser. How does a browser like Chrome let you be automatically signed in each time you visit Gmail? It stores the session cookies from Gmail.
To store cookies from your WebView and reuse them the next time, check out CookieManager.
I want to access an online music library from my android application to play its music. The music is accessible on a url lets say www.test.com/music.html.
In order to get to this website though you need to login on www.test.com/index.html
In my Android App I don't want to have to login. So how can I bypass the login screen?
I have thought about a persistent cookie that comes with the app, how can I include this into the android application?
Or is there another solution like putting the login information in the post request?
Yes, cookies is right solution in case you use embedded WebView in your app to log-in. You will need to use CookieSyncManager for it, look through this tutorial.
If you perform the log-in by entering username and password to EditText and then sending it to server, then you'd better implement token-based authentication. However, you may simply save user credentials to SharedPreferences, but that's actually a bad practice.
You could give SharedPreferences a try:
http://developer.android.com/guide/topics/data/data-storage.html#pref
I want to inject cookies into Android Browser from My App's HttpClient's Cookie Store, is that possible, I do not mean WebView.
Indirectly - your server can modify cookies that can be read by browser